Email a friend

To

From

Thank you

Sorry

What Certifications should be pursued and in which order for a career in IT Security?

So, I am an entry level IT Tech, doing helpdesk work in a growing company. I have my A+, Net+, MCP:XP, and the Linux+/LPI1/Novell CLA combo. I'm looking to work towards a career in IT security and was wondering what the best certification track would be. I know I want to pursue the LPI2 and 3 but I'm not ready for the next level of Linux yet. So where should I go next?

If you want to work in IT security, the main certifications that is necessary to progress in the field is CISSP (Certified Information Systems Security Professional). In my company, that is step one, required certification before we will even consider the rest of your resume. Then I would get SANS GSEC certification. I'm not trying to shill for SANS, but you can get some useful certification through SANS, either through live training or online learning (where applicable). Unlike many so-called schools, SANS actually has value in the real world, and beyond GSEC (Global Information Assurance Certification Security Essentials Certification - you can see why they use the acronym), you can also demonstrate that you have practical skills and knowledge of web app penetration testing (GWAPT), web app security (GWEB) or secure coding (GSSP), for example.

It might be a good idea for you to spend some time on job sites like Simply Hired, doing searches on the specific security role you want to play in a company. The results should let you know exactly what specifications will be required by companies for that job, and other security related jobs.

You will probably also be able to get an idea of how in-demand those jobs are currently. That's a really good thing because you don't want to spend the money or time getting a certification that isn't going to have real value to you in the job market. You can save yourself a lot of time and money by avoiding certs that employers aren't really interested in.